Login user error

[n1c0z]

It seems a non authenticated but existing user is redirected to the same route:

        if (bcrypt.compareSync(password, hashPassword)) {
            req.session.user = JSON.stringify({ username, hashPassword });
            //console.log('Login success')
            res.redirect("/login");
        } else {
            console.log("Bad login");
            res.redirect("/login");
        }